package com.lf.web.interceptor;

import com.lf.web.service.system.group.Group;
import com.lf.web.service.system.group.GroupDAO;
import com.lf.web.service.system.user.User;
import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.config.entities.ActionConfig;
import com.opensymphony.xwork2.interceptor.Interceptor;
import org.apache.log4j.Logger;
import org.apache.struts2.ServletActionContext;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.Map;

public class LoginCheck implements Interceptor {

    private static final String ACTIONID = "actionid";
    private static final Logger LOGGER = Logger.getLogger(LoginCheck.class);

    private GroupDAO groupdao;
    private String[] roots = {};

    public void setGroupdao(GroupDAO groupdao) {
        this.groupdao = groupdao;
    }

    public void setRoots(String roots) {
        this.roots = roots.split(",");
    }

    @Override
    public void destroy() {
    }

    @Override
    public void init() {
    }

    @Override
    public String intercept(ActionInvocation invocation) throws Exception {
        ActionConfig config = invocation.getProxy().getConfig();
        ActionContext context = invocation.getInvocationContext();
        Map<String, Object> session = context.getSession();
        HttpServletRequest request = (HttpServletRequest) context.get(ServletActionContext.HTTP_REQUEST);
        HttpServletResponse response = (HttpServletResponse) context.get(ServletActionContext.HTTP_RESPONSE);
        Object obj = session.get("user");
        if (obj == null) {/* 检查登录 */
            LOGGER.info("未登录访问：" + context.getName() + "|" + request.getContextPath() + "|" + request.getRequestURI());
            response.sendError(401);
            return "none";
        } else {
            User user = (User) obj;
            Map<String, String> params = config.getParams();
            String username = user.getString(user.USER_NAME);
            for (String root : roots) {/* 检查超级用户 */
                if (root.equals(username)) {
                    return invocation.invoke();
                }
            }
            String act = "";
            Object actobj = context.getParameters().get("act");
            if (actobj == null) {/* 默认act */
                return invocation.invoke();
            } else {
                act = ((String[]) actobj)[0];
            }

            String url = request.getRequestURI().replaceFirst(request.getContextPath(), "").replace(".acton", "");

            if (params.containsKey(ACTIONID)) {
                String id = params.get(ACTIONID);
                if (user.containsKey(user.GROUP_ID)) {
                    Group group = new Group(groupdao.findById(user.getString(user.GROUP_ID)));
                    if (group.checkLimit(id, act)) {
                        return invocation.invoke();
                    } else {
                        LOGGER.warn("越权访问：" + context.getName());
                        response.sendError(403);
                        return "none";
                    }
                } else {
                    LOGGER.warn("越权访问：" + context.getName());
                    response.sendError(403);
                    return "none";
                }
            } else {
                return invocation.invoke();
            }
        }
    }
}
